Behavioral task
behavioral1
Sample
143cb1d36f1f16b09762b6847822d06f_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
143cb1d36f1f16b09762b6847822d06f_JaffaCakes118.doc
Resource
win10v2004-20240611-en
General
-
Target
143cb1d36f1f16b09762b6847822d06f_JaffaCakes118
-
Size
205KB
-
MD5
143cb1d36f1f16b09762b6847822d06f
-
SHA1
726d6ab9d90892b7edf1d060af79b95bb124e277
-
SHA256
e1c6a68a2ed3a1047ea46c2653c60bb1c111c7af5aebb0a67799b0e8b691fc56
-
SHA512
8881939d0d50d1de73467e2202f819569e5830cc0277748eaac7a76e90c7f7657e335ceb6fa2733d3b99fa4d855a5dbbaebebd1314651aa82e02de32dbb1e689
-
SSDEEP
1536:NtPrT8wrLT0NeXxz1DwetHrTPByf5J8bzj+dD1d38pkFiowm8MbIcd1k:N2w3keXxz1DfNYkoDz8pkTd8Mo
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
143cb1d36f1f16b09762b6847822d06f_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5
UserForm6